From 8569fb79f8683cf10f9a57145071d31aa2c2a42b Mon Sep 17 00:00:00 2001 From: Armanveer Gill Date: Sun, 19 Jan 2025 21:13:25 -0500 Subject: [PATCH] Removed errors and warnings in the judging scheduler (still does not work as intended) --- admin/judges_jdiv.php | 2 +- admin/judges_sa.php | 45 ++++++++++++++--------- admin/judges_teams.php | 27 +++++++++----- admin/judges_teams_members.php | 4 +- admin/judges_teams_projects.php | 30 +++++++-------- admin/project_editor.php | 12 +++--- admin/registration_list.php | 36 +++++++++--------- admin/reports.inc.php | 18 ++++----- common.inc.php | 8 ++-- projects.inc.php | 6 +-- register_participants.inc.php | 21 ++++++----- register_participants_mentor.php | 4 +- register_participants_project.php | 6 +-- register_participants_safety.php | 4 +- register_participants_signature_tcpdf.php | 2 +- register_participants_students.php | 38 ++++++++++--------- 16 files changed, 144 insertions(+), 119 deletions(-) diff --git a/admin/judges_jdiv.php b/admin/judges_jdiv.php index 9266fb9a..3c874f05 100644 --- a/admin/judges_jdiv.php +++ b/admin/judges_jdiv.php @@ -180,7 +180,7 @@ function get_all_divs() return $cdl; } - if(get_value_from_array($_POST, 'action') == "add" && get_value_from_array($_POST, 'jdiv_id') && count(get_value_from_array($_POST, 'cdllist')) > 0) + if(get_value_from_array($_POST, 'action') == "add" && get_value_from_array($_POST, 'jdiv_id') && count(get_value_from_array($_POST, 'cdllist', [])) > 0) { foreach($_POST['cdllist'] AS $selectedcdl) { $q=$pdo->prepare("UPDATE judges_jdiv SET jdiv_id='{$_POST['jdiv_id']}' WHERE ". diff --git a/admin/judges_sa.php b/admin/judges_sa.php index 5c87c0d5..9e4876ad 100644 --- a/admin/judges_sa.php +++ b/admin/judges_sa.php 
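Review bot: The `UPDATE judges_jdiv` statement in the judges_jdiv.php hunk still interpolates `$_POST['jdiv_id']` straight into the string handed to `$pdo->prepare()`, so the request value is parsed as SQL and preparing the statement gives no protection. Use a placeholder, `SET jdiv_id=:jdiv_id`, and pass the value with `$q->bindValue(':jdiv_id', $_POST['jdiv_id']);`, the same bound form this commit introduces for the `judges_teams` INSERT. The statement's WHERE clause continues outside the hunk, so its remaining terms need the same check. The same pattern is visible in judges_teams_members.php (`num='".$_POST['team_num']."'`), judges_teams_projects.php (`id='".$_GET['delete']."'` and the INSERT built from `$_POST['edit']`, `$_POST['timeslot']`, `$_POST['project_id']`) and register_participants_project.php, where `stripslashes()` is the only treatment applied to the `$_POST` fields in the UPDATE.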
@@ -289,7 +289,8 @@ function judge_mark_for_round($j, $r) * modify it, not a copy of it */ $ju =& $judges[$j['id']]; - foreach($ju['availability'] as $key=>&$a) { + $availability = &$ju['availability']; + foreach($availability as $key=>&$a) { if($r['starttime'] >= $a['start'] && $r['starttime'] <= $a['end']) { /* Round starts in the middle of this availablity slot * modify this availabilty so it doesn't overlap */ @@ -383,7 +384,8 @@ while($r=$q->fetch(PDO::FETCH_OBJ)) { TRACE("Loading Languages...\n"); $langr = array(); -$pdo->prepare("SELECT * FROM languages WHERE active='Y'"); +$q = $pdo->prepare("SELECT * FROM languages WHERE active='Y'"); +$q->execute(); while($r=$q->fetch(PDO::FETCH_OBJ)) { $langr[$r->lang] = $r->langname; TRACE(" {$r->lang} - {$r->langname}\n"); @@ -556,13 +558,14 @@ foreach($judges as &$j) { if($config['judges_availability_enable']=="yes") { /* Load the judge time availability */ $q = $pdo->prepare("SELECT * FROM judges_availability WHERE users_id='{$j['id']}' ORDER BY `start`"); + $q->execute(); if($q->rowCount()== 0) { TRACE(" {$j['name']} hasn't selected any time availability, POTENTIAL BUG (they shouldn't be marked as complete).\n"); TRACE(" Ignoring this judge.\n"); unset($judges[$j['id']]); continue; } - $q->execute(); + while($r = $q->fetch(PDO::FETCH_ASSOC)) { $j['availability'][] = $r; } 
@@ -646,12 +649,19 @@ function next_judges_teams_number() function judge_team_create($num, $name) { - global $config; - $name = $name; - $stmt = $pdo->prepare("INSERT INTO judges_teams (num,name,autocreate_type_id,year) - VALUES ('$num','$name','1','{$config['FAIRYEAR']}')"); + global $config, $pdo; + $name = $pdo->quote($name); + $stmt = $pdo->prepare(" + INSERT INTO judges_teams (num, name, autocreate_type_id, year) + VALUES (:num, :name, :autocreate_type_id, :year) +"); + +$stmt->bindValue(':num', $num, PDO::PARAM_INT); +$stmt->bindValue(':name', $name, PDO::PARAM_STR); +$stmt->bindValue(':autocreate_type_id', 1, PDO::PARAM_INT); +$stmt->bindValue(':year', $config['FAIRYEAR'], PDO::PARAM_INT); $stmt->execute(); - $id = lastInsertId(); + $id = $pdo->lastInsertId(); return $id; } @@ -713,7 +723,7 @@ for($k=0; $kanneal(); $jdiv[$jdiv_id]['jteams'] = array(); @@ -772,8 +782,8 @@ function judges_to_teams_update($progress, $total) set_status("Assigning Judges to Teams"); $e = $config['effort']; -$a = new annealer(count($jteam), 25, $e, 0.98, judges_cost_function, $div1_judge_ids); -$a->set_update_callback(judges_to_teams_update); +$a = new annealer(count($jteam), 25, $e, 0.98, 'judges_cost_function', $div1_judge_ids); +$a->set_update_callback('judges_to_teams_update'); $a->anneal(); @@ -861,10 +871,11 @@ for($x=1;$xfetch(PDO::FETCH_OBJ); $stmt = $pdo->prepare("INSERT INTO judges_teams_awards_link (award_awards_id,judges_teams_id,year) VALUES ('$r->id','$team_id','{$config['FAIRYEAR']}')"); + $stmt->execute(); /* Add the award ID to the jdiv, if it's not already there */ if(!in_array($r->id, $jdiv[$t['jdiv_id']]['award_ids'])) { $jdiv[$t['jdiv_id']]['award_ids'][] = $r->id; - $stmt->execute(); + } } } @@ -873,7 +884,7 @@ for($x=1;$xbucket[0]; -for($y=0; $yprepare($q); + $r = $pdo->prepare($q); $r->execute(); print($pdo->errorInfo()); /* sa_jteam for leftover judges, if any */ 
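Review bot: `judge_team_create()` now calls `$pdo->quote($name)` and then binds the result with `bindValue(':name', $name, PDO::PARAM_STR)`, so the name is escaped twice and the stored value carries the literal surrounding quotes (and any doubled or backslashed characters) that `quote()` adds. Binding already keeps the value out of the SQL text; drop the `$name = $pdo->quote($name);` line and bind the raw `$name`. The four `bindValue` lines are also written at column 0 inside the function body, which makes the function harder to read.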
@@ -1260,7 +1271,7 @@ if($config['scheduler_enable_sa_scheduling'] == 'yes') { $e = $config['effort']; $a = new annealer(count($r['jteam_ids']), 25, $e, 0.98, - judges_sa_cost_function, $judge_ids); + 'judges_sa_cost_function', $judge_ids); //$a->set_update_callback(judges_to_teams_update); //$a->set_pick_move(judges_sa_pick_move); $a->anneal(); @@ -1482,8 +1493,8 @@ for($k=0; $k<$keys_count; $k++) { set_percent(50 + ($k / $keys_count) * 50); $e = 500 + 50 * ($config['effort'] / 1000); - $a = new annealer($n_timeslots, 100, $e, 0.98, timeslot_cost_function, $jteams_ids); - $a->set_pick_move(timeslot_pick_move); + $a = new annealer($n_timeslots, 100, $e, 0.98, 'timeslot_cost_function', $jteams_ids); + $a->set_pick_move('timeslot_pick_move'); $a->anneal(); printf(" "); diff --git a/admin/judges_teams.php b/admin/judges_teams.php index 3909d959..b3c651f6 100644 --- a/admin/judges_teams.php +++ b/admin/judges_teams.php @@ -26,13 +26,13 @@ require_once("../user.inc.php"); user_auth_required('committee', 'admin'); include "judges.inc.php"; - + $action = null; if(get_value_from_array($_GET,'edit')) $edit=get_value_from_array($_GET,'edit'); if(get_value_from_array($_POST,'edit')) $edit=get_value_from_array($_POST,'edit'); if(get_value_from_array($_GET,'action')) $action=get_value_from_array($_GET,'action'); if(get_value_from_array($_POST,'action')) $action=get_value_from_array($_POST,'action'); - if(get_value_or_default($action) == "delete" && get_value_from_array($_GET, 'delete')) + if($action == "delete" && get_value_from_array($_GET, 'delete')) { //ALSO DELETE: team members, timeslots, projects, awards @@ -90,7 +90,7 @@ "); $q2->execute(); $numdeleted=0; - while($r2=$Q2->FETCH(PDO::FETCH_OBJ)) + while($r2=$q2->FETCH(PDO::FETCH_OBJ)) { //okay now we can start deleting things! whew! //first delete any linkings to the team 
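Review bot: The delete branch in the first judges_teams.php hunk fires on `$action == "delete"` with the team id taken from `$_GET['delete']`, and `$action` itself can come from the query string, so a destructive operation is reachable through a plain link. `user_auth_required('committee', 'admin')` authenticates the session, but no anti-forgery token check is visible in the hunk; if none exists elsewhere, a page visited by a logged-in committee member could trigger the deletion. Consider accepting the delete only from POST, e.g. `if(get_value_from_array($_POST, 'action') == "delete" && get_value_from_array($_POST, 'delete'))`, together with a per-session token compared with `hash_equals()`. The branch body continues outside the hunk; the GET-driven `delete` in judges_teams_projects.php and the `removementor` / `removestudent` actions in the participant pages have the same shape.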
@@ -203,7 +203,7 @@ //first make sure we dont have any non-divisional award teams (dont want people hitting refresh and adding all the teams twice $q=$pdo->prepare("SELECT COUNT(*) AS c FROM judges_teams WHERE autocreate_type_id!='1' AND year='".$config['FAIRYEAR']."'"); $q->execute(); - $r=$q->fetch(PDO::FETCHH_OBJ); + $r=$q->fetch(PDO::FETCH_OBJ); if($r->c) { message_push(error(i18n("Cannot 'Create All' teams when any divisional teams currently exist. Try deleting all existing non-divisional teams first."))); @@ -238,10 +238,15 @@ else $num=1; - while($r=$q->fetch(PDO::FETCHH_OBJ)) { + while($r=$q->fetch(PDO::FETCH_OBJ)) { // print_r($r); $name="($r->award_type) $r->name"; - $stmt = $pdo->prepare("INSERT INTO judges_teams(num,name,autocreate_type_id,year) VALUES ('$num','$name','$r->award_types_id','".$config['FAIRYEAR']."')"); + $stmt = $pdo->prepare("INSERT INTO judges_teams (num, name, autocreate_type_id, year) + VALUES (:num, :name, :autocreate_type_id, :year)"); + $stmt->bindParam(':num', $num); + $stmt->bindParam(':name', $name); + $stmt->bindParam(':autocreate_type_id', $r->award_types_id); + $stmt->bindParam(':year', $config['FAIRYEAR']); $stmt->execute(); show_pdo_errors_if_any($pdo); $team_id=$pdo->lastInsertId(); @@ -287,7 +292,7 @@ function addclicked() "; $team=getJudgingTeam($edit); @@ -307,7 +312,7 @@ function addclicked() echo "".i18n("Awards").":"; - if(count(get_value_from_array($team, 'awards'))) + if(count(get_value_from_array($team, 'awards', []))) { foreach($team['awards'] AS $award) { @@ -406,6 +411,7 @@ function addclicked() echo "
"; $teams=getJudgingTeams(); + $newteamnum=null; if(count($teams)) { //grab an array of all the current team numbers foreach($teams AS $team) @@ -413,7 +419,7 @@ function addclicked() //start at 1, and find the next available team number $newteamnum=1; - while($teamnumbers[$newteamnum]==1) + while(get_value_from_array($teamnumbers, $newteamnum)==1) { $newteamnum++; } @@ -427,6 +433,7 @@ function addclicked() if(!$r->c) { echo "".i18n("Automatically create one new team for every non-divisional award")."
"; } + echo "".i18n("Manually add individual team")."
"; echo ""; @@ -451,7 +458,7 @@ function addclicked() echo ""; echo ""; - if(count($team['awards'])) + if(count(get_value_from_array($team, 'awards', []))) { foreach($team['awards'] AS $award) { diff --git a/admin/judges_teams_members.php b/admin/judges_teams_members.php index 8b4d079d..c73dbc45 100644 --- a/admin/judges_teams_members.php +++ b/admin/judges_teams_members.php @@ -106,7 +106,7 @@ jQuery(document).ready(function(){ 0) { + if(get_value_from_array($_POST, 'action') == "add" && get_value_from_array($_POST, 'team_num') && count(get_value_from_array($_POST, 'judgelist', []))>0) { //first check if this team exists. $q=$pdo->prepare("SELECT id,name FROM judges_teams WHERE num='".$_POST['team_num']."' AND year='".$config['FAIRYEAR']."'"); $q->execute(); @@ -118,7 +118,7 @@ jQuery(document).ready(function(){ //if the team is empty, we'll add the first person as the captain $team=getJudgingTeam($team_id); - if(count($team['members'])) + if(count(get_value_from_array($team, 'members', []))) $captain='no'; else $captain='yes'; diff --git a/admin/judges_teams_projects.php b/admin/judges_teams_projects.php index 39a0a684..d43e2f3e 100644 --- a/admin/judges_teams_projects.php +++ b/admin/judges_teams_projects.php 
@@ -57,27 +57,27 @@ function eligibleclick() "; + $action=null; + if(get_value_from_array($_GET, 'actio')) $action=$_GET['action']; + else if(get_value_from_array($_POST, 'action')) $action=$_POST['action']; - if($_GET['action']) $action=$_GET['action']; - else if($_POST['action']) $action=$_POST['action']; + if(get_value_from_array($_GET, 'edit')) $edit=$_GET['edit']; + else if(get_value_from_array($_POST, 'edit')) $edit=$_POST['edit']; - if($_GET['edit']) $edit=$_GET['edit']; - else if($_POST['edit']) $edit=$_POST['edit']; - -if(!$_SESSION['viewstate']['judges_projects_list_show']) +if(!get_value_from_2d_array($_SESSION, 'viewstate','judges_projects_list_show')) $_SESSION['viewstate']['judges_projects_list_show']='unassigned'; //now update the judges_teams_list_show viewstate -if($_GET['judges_projects_list_show']) +if(get_value_from_array($_GET, 'judges_projects_list_show')) $_SESSION['viewstate']['judges_projects_list_show']=$_GET['judges_projects_list_show']; -if(!$_SESSION['viewstate']['judges_projects_list_eligible']) +if(!get_value_from_2d_array($_SESSION, 'viewstate', 'judges_projects_list_eligible')) $_SESSION['viewstate']['judges_projects_list_eligible']='true'; //now update the judges_teams_list_show viewstate -if($_GET['judges_projects_list_eligible']) +if(get_value_from_array($_GET, 'judges_projects_list_eligible')) $_SESSION['viewstate']['judges_projects_list_eligible']=$_GET['judges_projects_list_eligible']; -if($_GET['action']=="delete" && $_GET['delete'] && $_GET['edit']) +if(get_value_from_array($_GET, 'action')=="delete" && $_GET['delete'] && $_GET['edit']) { $stmt = $pdo->prepare("DELETE FROM judges_teams_timeslots_projects_link WHERE id='".$_GET['delete']."'"); $stmt->execute(); 
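Review bot: The new guard reads `get_value_from_array($_GET, 'actio')`, a misspelling of `'action'`, so `$action` is never taken from the query string and stays `null` unless the request is a POST. Any GET link that is meant to reach the later `$action=="edit"` handling would presumably stop working. It should read `if(get_value_from_array($_GET, 'action')) $action=$_GET['action'];`. The delete condition a few lines down wraps only `$_GET['action']` in the helper and still reads `$_GET['delete']` and `$_GET['edit']` directly, so the undefined-index warnings this commit targets remain there.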
@@ -86,7 +86,7 @@ if($_GET['action']=="delete" && $_GET['delete'] && $_GET['edit']) } -if($_POST['action']=="assign" && $_POST['edit'] && $_POST['timeslot'] && $_POST['project_id']) +if(get_value_from_array($_POST, 'action')=="assign" && $_POST['edit'] && $_POST['timeslot'] && $_POST['project_id']) { $stmt = $pdo->prepare("INSERT INTO judges_teams_timeslots_projects_link (judges_teams_id,judges_timeslots_id,projects_id,year) VALUES ('".$_POST['edit']."','".$_POST['timeslot']."','".$_POST['project_id']."','".$config['FAIRYEAR']."')"); $stmt->execute(); @@ -95,7 +95,7 @@ if($_POST['action']=="assign" && $_POST['edit'] && $_POST['timeslot'] && $_POST[ $q=$pdo->prepare("SELECT DISTINCT(date) AS d FROM judges_timeslots WHERE year='".$config['FAIRYEAR']."'"); $q->execute(); -if($q-rowCount()>1) +if($q->rowCount()>1) $show_date=true; else $show_date=false; @@ -241,7 +241,7 @@ if( ($action=="edit" || $action=="assign" ) && $edit) projectnumber"; } - $pq=$pdo->($querystr); + $pq=$pdo->prepare($querystr); $pq->execute(); show_pdo_errors_if_any($pdo); @@ -346,7 +346,7 @@ if( ($action=="edit" || $action=="assign" ) && $edit) echo ""; echo "".$team['name']." (#".$team['num'].")
"; $memberlist=""; - if(count($team['members'])) { + if(count(get_value_from_array($team, 'members', []))) { foreach($team['members'] AS $member) { echo "  "; $err=false; @@ -385,7 +385,7 @@ if( ($action=="edit" || $action=="assign" ) && $edit) date,starttime "); $q->execute(); - $numslots=$q-rowCount(); + $numslots=$q->rowCount(); echo "".i18n("Edit team project assignments").""; diff --git a/admin/project_editor.php b/admin/project_editor.php index 75a1d742..b69f579f 100644 --- a/admin/project_editor.php +++ b/admin/project_editor.php @@ -46,7 +46,7 @@ if($auth_type == 'fair') { } else { /* Make sure they have permission to laod this student, check the master copy of the fairs_id in the project */ - $q=$pdo>prepare("SELECT * FROM projects WHERE + $q=$pdo->prepare("SELECT * FROM projects WHERE registrations_id='$registrations_id' AND year='{$config['FAIRYEAR']}' AND fairs_id=$fairs_id"); @@ -73,20 +73,20 @@ case 'project_regenerate_number': /* Now generate */ $q=$pdo->prepare("SELECT id FROM projects WHERE registrations_id='{$registrations_id}' AND year='{$config['FAIRYEAR']}'"); $q->execute(); - $i=$q->fetch(PDO::FETCH_ASSOC);; + $i=$q->fetch(PDO::FETCH_ASSOC); $id = $i['id']; - $pdo->prepare("UPDATE projects SET projectnumber=NULL,projectsort=NULL, + $stmt = $pdo->prepare("UPDATE projects SET projectnumber=NULL,projectsort=NULL, projectnumber_seq='0',projectsort_seq='0' WHERE id='$id'"); - $pdo->execute(); + $stmt->execute(); show_pdo_errors_if_any($pdo); list($pn,$ps,$pns,$pss) = generateProjectNumber($registrations_id); // print("Generated Project Number [$pn]"); - $pdo->prepare("UPDATE projects SET projectnumber='$pn',projectsort='$ps', + $stmt = $pdo->prepare("UPDATE projects SET projectnumber='$pn',projectsort='$ps', projectnumber_seq='$pns',projectsort_seq='$pss' WHERE id='$id'"); - $pdo->execute(); + $stmt->execute(); happy_("Generated and Saved Project Number: $pn"); break; 
diff --git a/admin/registration_list.php b/admin/registration_list.php index ea738052..e4b25650 100644 --- a/admin/registration_list.php +++ b/admin/registration_list.php @@ -129,6 +129,7 @@ function popup_editor(id, open_tab) var h = (document.documentElement.clientHeight * 0.9); registrations_id = id; + registrations_new = 0; if(id == -1) { @@ -146,16 +147,16 @@ function popup_editor(id, open_tab) case 'reg': /* If we open on the reg tab, disable the others until a save */ $('#editor_tabs').tabs('option', 'disabled', [1,2]); - $('#editor_tabs').tabs('select', 0); + $('#editor_tabs').tabs('option', 'active', 0); break; case 'project': $('#editor_tabs').tabs('option', 'disabled', []); - $('#editor_tabs').tabs('select', 2); + $('#editor_tabs').tabs('option', 'active', 2); break; default: $('#editor_tabs').tabs('option', 'disabled', []); - $('#editor_tabs').tabs('select', 1); + $('#editor_tabs').tabs('option', 'active', 1); break; } /* Don't let anything collapse */ @@ -299,8 +300,8 @@ $(document).ready(function() { /* Create a row before loading it */ $("#registration_list").append(""); } - $("#row_"+id).load("?action=load_row&id="+id); - $("#row_"+id).effect('highlight',{},500); + $("#" + $.escapeSelector("row_" + id)).load("?action=load_row&id="+id); + $("#" + $.escapeSelector("row_" + id)).effect('highlight',{},500); } }); @@ -437,10 +438,10 @@ function list_query($year, $wherestatus, $reg_id) registrations.status DESC, projects.title "); - + $q->execute(); // FIXME - //show_pdo_errors_if_any($pdo); + show_pdo_errors_if_any($pdo); return $q; } @@ -448,8 +449,9 @@ function list_query($year, $wherestatus, $reg_id) function print_row($r) { - global $cats, $divs, $config, $year; - switch($r->status) { + global $cats, $divs, $config, $year, $pdo; + $status_text=null; + switch(get_value_property_or_default($r, 'status')) { case "new": $status_text="New"; break; case "open": $status_text="Open"; break; case "paymentpending": $status_text="Payment Pending"; break; 
@@ -458,18 +460,18 @@ function print_row($r) $status_text=i18n($status_text); - $scl = "style=\"cursor:pointer;\" onclick=\"popup_editor('{$r->reg_id}','');\""; - $pcl = "style=\"cursor:pointer;\" onclick=\"popup_editor('{$r->reg_id}','project');\""; + $scl = "style=\"cursor:pointer;\" onclick=\"popup_editor('{" . get_value_property_or_default($r, 'reg_id') ."}','');\""; + $pcl = "style=\"cursor:pointer;\" onclick=\"popup_editor('{". get_value_property_or_default($r, 'reg_id') ."}','project');\""; echo "{$status_text}"; - echo "{$r->email}"; - echo "{$r->reg_num}"; - $pn = str_replace(' ', ' ', $r->projectnumber); + echo "{".get_value_property_or_default($r, 'email') ."}"; + echo "{".get_value_property_or_default($r, 'reg_num') ."}"; + $pn = str_replace(' ', ' ', get_value_property_or_default($r, 'projectnumber', '')); echo "$pn"; - echo "{$r->title}"; + echo "{" .get_value_property_or_default($r, 'title')."}"; - echo "".i18n($cats[$r->projectcategories_id]).""; - echo "".i18n($divs[$r->projectdivisions_id]).""; + echo "".i18n(get_value_from_array($cats, get_value_property_or_default($r, 'projectcategories_id'), '')).""; + echo "".i18n($divs[get_value_property_or_default($r, 'projectdivisions_id', '')]).""; $sq=$pdo->prepare("SELECT students.firstname, students.lastname, diff --git a/admin/reports.inc.php b/admin/reports.inc.php index 590cda88..e2e9e00c 100644 --- a/admin/reports.inc.php +++ b/admin/reports.inc.php 
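Review bot: Rewriting `"{$r->email}"` as `"{".get_value_property_or_default($r, 'email')."}"` turns the interpolation braces into literal characters, so every cell in `print_row()` now renders as `{value}` and the `onclick` handlers call `popup_editor('{ID}', ...)` with braces around the registration id. Drop the braces when concatenating. These columns (email, title, project number) appear to be registrant-supplied and are written into HTML and an inline JavaScript attribute without encoding, so pass them through an encoder on output, e.g. `htmlspecialchars((string)get_value_property_or_default($r, 'email', ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. The same literal-brace change appears in common.inc.php at `echo " {".get_value_from_array($_SESSION, 'email')."}: ";`. `print_row()` starts and ends outside this hunk.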
@@ -359,24 +359,24 @@ foreach($report_stock as $n=>$v) { foreach($report[$type] as $k=>$v) { if($type == 'option') { /* field, value, x, y, w, h, lines, face, align, valign, fn, fs, fsize, overflow */ - $vals = "'".$pdo->quote($k)."','".$pdo->quote($v)."','0','0','0','0','0','','','','','','0','truncate'"; + $vals = "".$pdo->quote($k).",".$pdo->quote($v).",'0','0','0','0','0','','','','','','0','truncate'"; } else { if(get_value_from_array($v, 'lines') == 0) $v['lines'] =1; $fs = is_array(get_value_from_array($v,'fontstyle')) ? implode(',',$v['fontstyle']) : ''; - $opts = get_value_from_array($v, 'align') . " " .$pdo->quote(get_value_from_array($v, 'valign')); - $vals = "'{$v['field']}','{$v['value']}', - '{$v['x']}','{$v['y']}','{$v['w']}', - '{$v['h']}','{$v['lines']}','{$v['face']}', - '$opts','{$v['valign']}', - '{$v['fontname']}','$fs','{$v['fontsize']}', - '{$v['on_overflow']}'"; + $opts = get_value_from_array($v, 'align') . " " .$pdo->quote(get_value_from_array($v, 'valign', '')); + $vals = "'".get_value_from_array($v, 'field')."','".get_value_from_array($v, 'value')."', + '".get_value_from_array($v,'x')."','".get_value_from_array($v, 'y')."','".get_value_from_array($v, 'w')."', + '".get_value_from_array($v, 'h')."','".get_value_from_array($v,'lines')."','".get_value_from_array($v, 'face')."', + '$opts','".get_value_from_array($v, 'valign')."', + '".get_value_from_array($v, 'fontname')."','$fs','".get_value_from_array($v, 'fontsize')."', + '".get_value_from_array($v, 'on_overflow')."'"; } if($q != '') $q .= ','; $q .= "({$report['id']}, '$type','$x',$vals)"; $x++; } - echo $q; + $stmt = $pdo->prepare("INSERT INTO reports_items(`reports_id`,`type`,`ord`, `field`,`value`,`x`, `y`, `w`, `h`, `lines`, `face`, `align`,`valign`, diff --git a/common.inc.php b/common.inc.php index ede669ce..2230a464 100644 --- a/common.inc.php +++ b/common.inc.php @@ -408,6 +408,7 @@ function send_header($title="", $nav=null, $icon=null, $titletranslated=false) + 
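Review bot: In the non-option branch of the reports.inc.php hunk, `$opts` is built with `$pdo->quote()` around the `valign` part and is then placed inside `'$opts'`, so the quotes added by `quote()` end up nested inside another quoted literal and a non-empty `valign` yields malformed SQL. Every other column in that branch (`field`, `value`, `face`, `fontname`, `on_overflow`) is concatenated between single quotes with no escaping at all. Quote the combined value once, `$opts = $pdo->quote(get_value_from_array($v, 'align') . " " . get_value_from_array($v, 'valign', ''));`, and emit it as `$opts,` without the surrounding quotes, or move the row values to bound placeholders. The enclosing loops start outside the hunk.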
@@ -448,7 +449,7 @@ if(isset($_SESSION['users_type'])) { if($_SESSION['users_type'] != false) { echo i18n($types[$_SESSION['users_type']]); } - echo " {$_SESSION['email']}: "; + echo " {".get_value_from_array($_SESSION, 'email')."}: "; if($_SESSION['multirole'] == true) { echo "[".i18n('Switch Roles')."] "; } @@ -703,6 +704,7 @@ function send_popup_header($title="") + @@ -1114,10 +1116,10 @@ function output_page_text($textname) } //if it looks like we have HTML content, dont do a nl2br, if there's no html, then do the nl2br - if($r->text !== null and strlen($r->text)==strlen(strip_tags($r->text))) + if(get_value_property_or_default($r, 'text') !== null and strlen($r->text)==strlen(strip_tags($r->text))) echo nl2br($r->text); else - echo $r->text; + echo get_value_property_or_default($r, 'text'); } function output_page_cms($filename) diff --git a/projects.inc.php b/projects.inc.php index 62392fb3..a2a83edb 100644 --- a/projects.inc.php +++ b/projects.inc.php @@ -173,7 +173,7 @@ function getSpecialAwardsEligibleForProject($projectid) function getSpecialAwardsNominatedForProject($projectid) { - global $config; + global $config, $pdo; $awardsq=$pdo->prepare("SELECT award_awards.id, @@ -210,7 +210,7 @@ function getSpecialAwardsNominatedForProject($projectid) function getNominatedForNoSpecialAwardsForProject($projectid) { - global $config; + global $config, $pdo; $awardsq=$pdo->prepare("SELECT projects.id AS projects_id FROM @@ -275,7 +275,7 @@ function getProjectsNominatedForSpecialAward($award_id) function getLanguagesOfProjectsNominatedForSpecialAward($award_id) { - global $config; + global $config, $pdo; //if they dont use special award nominations, then we will instead get all of the projects that //are eligible for the award, instead of nominated for it. diff --git a/register_participants.inc.php b/register_participants.inc.php index 87201838..7202b166 100644 --- a/register_participants.inc.php +++ b/register_participants.inc.php 
@@ -23,7 +23,7 @@ ?> prepare("SELECT status FROM registrations WHERE id='$rid'"); @@ -50,7 +50,7 @@ function registrationDeadlinePassed() function studentStatus($reg_id="") { - global $config; + global $config, $pdo; if($config['participant_student_personal']=="yes") $required_fields=array("firstname","lastname","address","city","postalcode","phone","email","grade","dateofbirth","schools_id","sex"); else @@ -91,7 +91,7 @@ function studentStatus($reg_id="") function emergencycontactStatus($reg_id="") { - global $config; + global $config, $pdo; $required_fields=array("firstname","lastname","relation","phone1"); if($reg_id) $rid=$reg_id; @@ -122,7 +122,7 @@ function emergencycontactStatus($reg_id="") function projectStatus($reg_id="") { - global $config; + global $config, $pdo; $required_fields=array("title","projectcategories_id","projectdivisions_id","language","req_table","req_electricity","summarycountok"); if($config['participant_short_title_enable'] == 'yes') @@ -162,7 +162,7 @@ function projectStatus($reg_id="") function mentorStatus($reg_id="") { - global $config; + global $config, $pdo; $required_fields=array("firstname","lastname","phone","email","organization","description"); if($reg_id) $rid=$reg_id; @@ -179,7 +179,7 @@ function mentorStatus($reg_id="") $q->execute(); //if we dont have the minimum, return incomplete - if($q->rowCount()<$config['minmentorserproject']) + if($q->rowCount()fetch(PDO::FETCH_OBJ)) @@ -200,7 +200,7 @@ $q->execute(); function safetyStatus($reg_id="") { - global $config; + global $config, $pdo; if($reg_id) $rid=$reg_id; else $rid=$_SESSION['registration_id']; 
@@ -296,13 +296,14 @@ function tourStatus($reg_id="") } function namecheckStatus($reg_id="") { - global $config; + global $config, $pdo; if($reg_id) { $q=$pdo->prepare("SELECT * FROM students WHERE - registrations_id='$reg_id' - $q->execute(); + registrations_id='$reg_id' + AND year='".$config['FAIRYEAR']."'"); + $q->execute(); } else { $q=$pdo->prepare("SELECT * FROM students WHERE id='{$_SESSION['students_id']}'"); diff --git a/register_participants_mentor.php b/register_participants_mentor.php index 230237f1..4eb0341d 100644 --- a/register_participants_mentor.php +++ b/register_participants_mentor.php @@ -62,7 +62,7 @@ show_pdo_errors_if_any($pdo); //now do any data saves -if($_POST['action']=="save") +if(get_value_from_array($_POST, 'action')=="save") { if(registrationFormsReceived()) { @@ -122,7 +122,7 @@ if($_POST['action']=="save") } -if($_GET['action']=="removementor") +if(get_value_from_array($_GET, 'action')=="removementor") { if(registrationFormsReceived()) { diff --git a/register_participants_project.php b/register_participants_project.php index e384ca32..d37ad8b8 100644 --- a/register_participants_project.php +++ b/register_participants_project.php @@ -74,7 +74,7 @@ show_pdo_errors_if_any($pdo); } - if($_POST['action']=="save") + if(get_value_from_array($_POST, 'action')=="save") { if(registrationFormsReceived()) { @@ -119,7 +119,7 @@ show_pdo_errors_if_any($pdo); $stmt = $pdo->prepare("UPDATE projects SET ". "title='".$title."', ". "shorttitle='".$shorttitle."', ". - "projectdivisions_id='".intval($_POST['projectdivisions_id']."', ". + "projectdivisions_id='".intval($_POST['projectdivisions_id'])."', ". "projecttype='".stripslashes($_POST['projecttype'])."', ". "language='".stripslashes($_POST['language'])."', ". "req_table='".stripslashes($_POST['req_table'])."', ". 
@@ -165,7 +165,7 @@ show_pdo_errors_if_any($pdo); //now select their project info $q=$pdo->prepare("SELECT * FROM projects WHERE registrations_id='".$_SESSION['registration_id']."' AND year='".$config['FAIRYEAR']."'"); $q->execute(); - /check if it exists, if we didnt find any record, lets insert one + //check if it exists, if we didnt find any record, lets insert one if($q->rowCount()==0) { $stmt = $pdo->prepare("INSERT INTO projects (registrations_id,projectcategories_id,year) VALUES ('".$_SESSION['registration_id']."','$projectcategories_id','".$config['FAIRYEAR']."')"); diff --git a/register_participants_safety.php b/register_participants_safety.php index 4a2fa7e7..9d1e1103 100644 --- a/register_participants_safety.php +++ b/register_participants_safety.php @@ -57,7 +57,7 @@ show_pdo_errors_if_any($pdo); echo "<< ".i18n("Back to Participant Registration Summary")."
"; echo "
"; - if($_POST['action']=="save") { + if(get_value_from_array($_POST, 'action')=="save") { if(registrationFormsReceived()) { echo error(i18n("Cannot make changes to forms once they have been received by the fair")); } @@ -115,7 +115,7 @@ else if($newstatus=="complete") { echo i18n($r->question).""; echo ""; if($r->type=="check") { - if($safetyanswers[$r->id]=="checked") $ch="checked=\"checked\""; else $ch=""; + if(get_value_from_array($safetyanswers, $r->id)=="checked") $ch="checked=\"checked\""; else $ch=""; echo "id]\" value=\"checked\" />"; } else if($r->type=="yesno") { diff --git a/register_participants_signature_tcpdf.php b/register_participants_signature_tcpdf.php index 21c04576..badf9ca7 100644 --- a/register_participants_signature_tcpdf.php +++ b/register_participants_signature_tcpdf.php @@ -27,7 +27,7 @@ require_once('tcpdf.inc.php'); //anyone can access a sample, we dont need to be authenticated or anything for that - if($_GET['sample']) { + if(get_value_from_array($_GET, 'sample')) { $registration_number=12345; $registration_id=0; } else { diff --git a/register_participants_students.php b/register_participants_students.php index f57d77e5..7b65a933 100644 --- a/register_participants_students.php +++ b/register_participants_students.php @@ -37,13 +37,14 @@ exit; } $fairyear = intval($config['FAIRYEAR']); - $q=yahoo_image.png.pnguery("SELECT registrations.id AS regid, students.id AS studentid, students.firstname FROM registrations,students ". + $q=$pdo->prepare("SELECT registrations.id AS regid, students.id AS studentid, students.firstname FROM registrations,students ". "WHERE students.email='" . $_SESSION['email'] . "' ". "AND registrations.num='" . $_SESSION['registration_number'] . "' ". "AND registrations.id='" . $_SESSION['registration_id'] . "' ". "AND students.registrations_id=registrations.id ". "AND registrations.year=" . $fairyear . " ". "AND students.year=" . $fairyear); +$q->execute(); show_pdo_errors_if_any($pdo); 
@@ -70,7 +71,7 @@ $items_q->execute(); //now do any data saves -if($_POST['action']=="save") +if(get_value_from_array($_POST, 'action')=="save") { if(registrationFormsReceived()) { @@ -189,7 +190,7 @@ if($_POST['action']=="save") } } -if($_GET['action']=="removestudent") +if(get_value_from_array($_GET, 'action')=="removestudent") { if(registrationFormsReceived()) { @@ -257,7 +258,7 @@ $q->execute(); $numfound=$q->rowCount(); } - if($_GET['numstudents']) + if(get_value_from_array($_GET, 'numstudents')) $numtoshow=$_GET['numstudents']; else $numtoshow=$numfound; @@ -288,7 +289,7 @@ $q->execute(); echo "

".i18n("Student %1 Details",array($x))."

"; //if we have a valid student, set their ID, so we can UPDATE when we submit //if there is no record for this student, then set the ID to 0, so we will INSERT when we submit - if($studentinfo->id) $id=$studentinfo->id; else $id=0; + if(get_value_property_or_default($studentinfo,'id')) $id=$studentinfo->id; else $id=0; //true should work here, it just has to be set to _something_ for it to work. echo ""; @@ -297,8 +298,8 @@ $q->execute(); echo ""; echo ""; echo "\n"; - echo " \n"; - echo " \n"; + echo " \n"; + echo " \n"; echo "\n"; if($config['participant_student_pronunciation']=='yes') { echo "\n"; @@ -325,11 +326,11 @@ if($config['participant_student_personal']=="yes") echo "\n"; echo "\n"; - echo " \n"; + echo " \n"; if($config['participant_student_personal']=="yes") { - echo " \n"; + echo " \n"; } else { @@ -342,11 +343,11 @@ if($config['participant_student_personal']=="yes") { echo "\n"; echo " "; - echo " \n"; + echo " \n"; echo " "; echo "\n"; @@ -355,14 +356,15 @@ if($config['participant_student_personal']=="yes") echo "\n"; echo " "; - echo "\n"; + echo "\n"; echo " "; - echo " \n"; + echo " \n"; echo "\n"; echo "\n"; echo "
".i18n("First Name")."firstname\" />".REQUIREDFIELD."".i18n("Last Name")."lastname\" />".REQUIREDFIELD."".i18n("First Name")."".REQUIREDFIELD."".i18n("Last Name")."".REQUIREDFIELD."
".i18n("Email Address")."email\" />".REQUIREDFIELD."".i18n("Email Address")."".REQUIREDFIELD."".i18n("City")."city\" />".REQUIREDFIELD."".i18n("City")."".REQUIREDFIELD."
".i18n("Address")."address\" />".REQUIREDFIELD."".REQUIREDFIELD."".i18n($config['provincestate']).""; - emit_province_selector("province[$x]",$studentinfo->province); + emit_province_selector("province[$x]",get_value_property_or_default($studentinfo, 'province')); echo REQUIREDFIELD; echo "
".i18n($config['postalzip'])."postalcode\" />".REQUIREDFIELD."".REQUIREDFIELD."".i18n("Phone")."phone\" />".REQUIREDFIELD."".REQUIREDFIELD."
".i18n("Date of Birth")."\n"; - list($year,$month,$day)=split("-",$studentinfo->dateofbirth); + $year = null; + list($year,$month,$day)=explode("-",get_value_property_or_default($studentinfo,'dateofbirth', '')); echo "\n"; echo ""; echo "\n"; } @@ -445,7 +447,7 @@ if($config['participant_student_personal']=="yes") { echo "\n"; echo ""; echo "\n"; } @@ -478,8 +480,8 @@ if($config['participant_student_personal']=="yes") echo "\n"; echo "\n"; - echo " \n"; - echo " \n"; + echo " \n"; + echo " \n"; echo "\n"; if($config['participant_regfee_items_enable'] == 'yes' ) {
"; emit_day_selector("day[$x]",$day); echo "\n"; @@ -436,7 +438,7 @@ if($config['participant_student_personal']=="yes") { echo "
".i18n("Medical Alert Info").""; - echo "medicalalert\" />"; + echo ""; echo "
".i18n("Special Food Requirements").""; - echo "foodreq\" />"; + echo ""; echo "
".i18n("Teacher Name")."teachername\" />".i18n("Teacher Email")."teacheremail\" />".i18n("Teacher Name")."".i18n("Teacher Email")."